aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJay Satiro <raysatiro@yahoo.com>2015-06-20 18:45:25 -0400
committerJay Satiro <raysatiro@yahoo.com>2015-06-20 18:45:25 -0400
commit6842afbf4498198766bf4ff6300a5f267fcbd361 (patch)
treef653edb67a38ace304f8ed81ef0962a13affe3df
parentea1eec8ea88ade9137cdb6db422d00b273daef03 (diff)
INSTALL: Advise use of non-native SSL for Windows <= XP
Advise that WinSSL in versions <= XP will not be able to connect to servers that no longer support the legacy handshakes and algorithms used by those versions, and to use an alternate backend like OpenSSL instead. Bug: https://github.com/bagder/curl/issues/253 Reported-by: zenden2k <zenden2k@gmail.com>
-rw-r--r--docs/INSTALL9
-rw-r--r--projects/README9
-rw-r--r--winbuild/BUILD.WINDOWS.txt13
3 files changed, 29 insertions, 2 deletions
diff --git a/docs/INSTALL b/docs/INSTALL
index 457031884..e7a929bf6 100644
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -471,6 +471,15 @@ Win32
add '-DCURL_STATICLIB' to your CFLAGS. Otherwise the linker will look for
dynamic import symbols.
+ Legacy Windows and SSL
+ ----------------------
+ WinSSL (Windows SSPI, more specifically Schannel), is the native SSL library
+ that comes with the Windows OS. WinSSL in Windows <= XP is not able to
+ connect to servers that no longer support the legacy handshakes and
+ algorithms used by those versions. If you will be using curl in one of those
+ earlier versions of Windows you should choose another SSL backend like
+ OpenSSL.
+
Apple iOS and Mac OS X
======================
diff --git a/projects/README b/projects/README
index b45d78397..27095380a 100644
--- a/projects/README
+++ b/projects/README
@@ -110,6 +110,15 @@ Notes
stored in the git repositoty) will need to be modified rather than the
generated project files that Visual Studio uses.
+Legacy Windows and SSL
+======================
+Some of the project configurations use as an SSL backend WinSSL (Windows SSPI,
+more specifically Schannel), the native SSL library that comes with the Windows
+OS. WinSSL in Windows <= XP is not able to connect to servers that no longer
+support the legacy handshakes and algorithms used by those versions. If you
+will be using curl in one of those earlier versions of Windows you should
+choose another SSL backend like OpenSSL.
+
TODO
====
diff --git a/winbuild/BUILD.WINDOWS.txt b/winbuild/BUILD.WINDOWS.txt
index 600f73746..ed19e56c0 100644
--- a/winbuild/BUILD.WINDOWS.txt
+++ b/winbuild/BUILD.WINDOWS.txt
@@ -1,5 +1,5 @@
-Building with Visual C++, prerequises
-=====================================
+Building with Visual C++, prerequisites
+=======================================
This document describes how to compile, build and install curl and libcurl
from sources using the Visual C++ build tool. To build with VC++, you will
@@ -87,3 +87,12 @@ therefore rarely tested. When passing RTLIBCFG for a configuration that was
already built but not with that option, or if the option was specified
differently, you must destroy the build directory containing the configuration
so that nmake can build it from scratch.
+
+Legacy Windows and SSL
+======================
+When you build curl using the build files in this directory the default SSL
+backend will be WinSSL (Windows SSPI, more specifically Schannel), the native
+SSL library that comes with the Windows OS. WinSSL in Windows <= XP is not able
+to connect to servers that no longer support the legacy handshakes and
+algorithms used by those versions. If you will be using curl in one of those
+earlier versions of Windows you should choose another SSL backend like OpenSSL.